Microsoft disclosed a new zero-day vulnerability in Outlook identified as CVE-2023-23397. This flaw is an elevation-of-privilege (EoP) vulnerability that enables remote code execution capability as threat actors can steal NTLM credentials of Microsoft Outlook users.